Filter过滤器之登陆拦截器
1-过滤器Filter:生命周期
2-过滤器&过滤器链
3-过滤器案例
案例需求
编写2个过滤器,实现对同一个请求(/servlettest1)进行过滤,验证过滤器的生命周期、过滤器链中单个过滤器的执行顺序。
代码编写
Servlet类编写
package com.xwd.servlet;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
/**
* @ClassName ServletTest1
* @Description: com.xwd.servlet
* @Auther: xiwd
* @Date: 2022/2/11 - 02 - 11 - 0:09
* @version: 1.0
*/
@WebServlet(
name = "servlettest1",
value = {
"/servlettest1"
}
)
public class ServletTest1 extends HttpServlet {
//methods
@Override
protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//super.doGet(req, resp);
this.doPost(req, resp);
}
@Override
protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
//super.doPost(req, resp);
System.out.println("visit /servlettest1");
}
}
Filter过滤器编写
package com.xwd.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import java.io.IOException;
/**
* @ClassName FilterTest1
* @Description: com.xwd.filter
* @Auther: xiwd
* @Date: 2022/2/11 - 02 - 11 - 0:10
* @version: 1.0
*/
public class FilterTest1 implements Filter {
//properties
//methods
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("filter1 init...");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("filter1 过滤请求...");
//放行ServletRequest
filterChain.doFilter(servletRequest, servletResponse);
System.out.println("filter1 过滤响应...");
}
@Override
public void destroy() {
System.out.println("filter1 destroy...");
}
}
Filter过滤器2编写
package com.xwd.filter;
import javax.servlet.*;
import java.io.IOException;
/**
* @ClassName FilterTest2
* @Description: com.xwd.filter
* @Auther: xiwd
* @Date: 2022/2/11 - 02 - 11 - 0:13
* @version: 1.0
*/
public class FilterTest2 implements Filter {
//properties
//methods
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println("filter2 init...");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
System.out.println("filter2 过滤请求...");
//放行ServletRequest
filterChain.doFilter(servletRequest, servletResponse);
System.out.println("filter2 过滤响应...");
}
@Override
public void destroy() {
System.out.println("filter2 destroy...");
}
}
Filter过滤器在web.xml中的配置
<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://xmlns.jcp.org/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_4_0.xsd"
version="4.0">
<!--filter-->
<filter>
<filter-name>filtertest1</filter-name>
<filter-class>com.xwd.filter.FilterTest1</filter-class>
</filter>
<filter-mapping>
<filter-name>filtertest1</filter-name>
<!--根据servlet-name实现过滤-->
<url-pattern>/servlettest1</url-pattern>
</filter-mapping>
<filter>
<filter-name>filtertest2</filter-name>
<filter-class>com.xwd.filter.FilterTest2</filter-class>
</filter>
<filter-mapping>
<filter-name>filtertest2</filter-name>
<!--根据url-pattern实现过滤-->
<url-pattern>/servlettest1</url-pattern>
</filter-mapping>
</web-app>
测试结果
4-使用注解配置过滤器
与Servlet类的配置类似,过滤器也可以使用@WebFilter注解进行配置,同时还可以使用<init-param>标签指定Filter过滤器的初始化参数。
而对于@WebFilter注解,其常用的注解如下:
5-登陆拦截器实现
通过过滤器控制,只有登录过之后可以反复进入除了login.jsp的其它页面,如果没有登录,提示用户进入登录页进行登录操作。主要代码如下:
package com.xwd.filter;
import javax.servlet.*;
import javax.servlet.annotation.WebFilter;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
/**
* @ClassName ResourceFilter
* @Description: com.xwd.filter-登录过滤器-[过滤所有资源,如果没有登陆,就无法访问受限的资源页面]
* @Auther: xiwd
* @Date: 2022/2/11 - 02 - 11 - 0:44
* @version: 1.0
*/
@WebFilter(
filterName = "loginfilter",
urlPatterns = "/*"
)
public class Filter_LoginFilter implements Filter {
//methods
@Override
public void init(FilterConfig filterConfig) throws ServletException {
System.out.println(filterConfig.getFilterName()+" has been initialized.");
}
@Override
public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain) throws IOException, ServletException {
//类型强转
HttpServletRequest request = (HttpServletRequest) servletRequest;
HttpServletResponse response = (HttpServletResponse) servletResponse;
//资源过滤
String requestURI = request.getRequestURI();
System.out.println("requestURI="+requestURI);
//可以直接放行的资源
if (requestURI.contains("login.jsp")){
//放行资源-只允许访问登录页面
filterChain.doFilter(request,response);
return;
}
//在未登录账户情况下.需要被拦截的资源-如果未登录,则直接跳转到login.jsp登录页面
HttpSession session = request.getSession();
Object user = session.getAttribute("user");
if (null!=user){
//已登录,放行
filterChain.doFilter(request,response);
}else {
//未登录,跳转至login.jsp登录页面
response.sendRedirect("login.jsp");
}
}
@Override
public void destroy() {
System.out.println("filter has been destroyed.");
}
}